Unable to automatically download Certificate Revocation List

Symptom

Certificate Revocation List (CRL) download failed for an LDAP CRL distribution point (DP).

Solution 1
Cause
The LDAP CRL DP does not specify a valid host name or IP address.
For example, ldap:///CN=...
Action
The Certificate Authority administrator has to ensure to have the host name or IP address in the CRL DP of the certificate while signing the certificate.
Solution 2
Cause

Symptom

CRL download failed due to proxy issues.

Cause

Proxy is either not configured or configured incorrectly in the appliance.

Action
Ensure that the proxy is configured correctly in the appliance.